Eight-Point Checklist: Choose a Cloud or Managed Services Provider
Whether your annual revenues are six figures or ten, align your business with growth opportunities and IT service offerings from the right provider to accelerate your productivity and boost your bottom line. Use this eight-point checklist to find the best provider for your organization.
At large companies, management can lean on their IT Directors to build up data center capabilities or farm them out. They know how to sniff out a vendor account representative to determine if he will be a technical partner or an over-zealous, slightly obnoxious salesman.
But I want to begin this blog with a story for the small business entrepreneur still in the heart and soul of leaders everywhere.
Recently, one of our customers needed help with providing insight into his environment. He had a limited budget and didn’t have the resources to hire another full-time employee, but needed a partner he trusted with all the necessary security requirements that would meet his SLA’s, had the required knowledge of his IT environment, and would help keep his IT relevant for years to come. He was able to find all these requirements and more in CDI Managed Services, all for less than the price of a FTE.
How to Know When You’re Ready for a New IT Solutions Provider
You want to align your business with growth opportunities and IT service offerings that can accelerate your productivity. Ask yourself, “Where do I see my business in the next five years?”
Some clear signs that your business is experiencing a change in its service and support needs include the following:
- You need support ASAP but your current IT guy says his earliest open slot is next week.
- You call one consultant to fix the mess left behind by another consultant.
- You notice mistakes on your IT service invoice or unexplained changes in rates.
- Someone on your staff paid an invoice for a new vendor that turned out to be a scam.
- After a service visit, malware is discovered on several PCs in your office.
- Your marketing team’s new product launch campaign increased web traffic 50 times higher than last week, but you still have the same three order processing servers in your data center since 2005.
- Your boss, customers, supply chain, sales team, and even your uncle Charlie want you to expand your operations but your data center is a six-foot closet; walls would have to be torn down, air conditioning bills would go up, and other in-house equipment costs would break the budget.
- Your consultant adds another wireless router, and now the speed of your entire network slows to a crawl.
- You can’t remember when or how often backups are supposed to run, and you honestly have no idea how to recover any important client files.
- You put together a spreadsheet to determine what one-hour, day, or week of downtime will cost your business, but you continue to renew an old contract for economy service and insist on low-cost onsite software, hardware, and support options.
Checklist: How to Evaluate Your Next IT Solutions Provider
Notice how I say partner here and not consultant or vendor? That’s because you need to feel comfortable and confident that they are looking out for your best interests, and not just their own. Here are the top eight details to look for.
Make sure your new provider offers you…
1. Available, Friendly, and Talented Professional Staff
A common misconception is that the small local IT shop or cable communications provider will be able to provide more individual attention and at a lower cost. And I think it’s easy to see how this error in judgment occurs. As a consumer, the local car wash, bakery, and deli often deliver the best service. However, for your growing business, you need a larger service provider to scale up to match the size of your expanding IT demands. You will still have opportunities to build trust and loyalty, but it will be with several key players on a team.
Look for a reputable company with at least fifteen years in business with outstanding client references and current certifications. Their staff should have a broad awareness of current technologies with strategic depth in key areas, and a commitment to continuous learning. You want a firm that demonstrates specialization in several important areas with multiple staff members. One person is not going to know everything. There are simply too many moving parts in today’s digital economy.
Their staff should be available 24-hours per day, seven days a week, including (and some retail businesses will say especially) holidays. They should be able to clearly articulate and provide you with their official policy on handling errors, risks, and issues, and explain customer escalation options available to you so that you can work together to resolve serious problems as soon as they flare up.
Why not book a flight or drive to their office, meet with a few of their staff, or go on a tour of their facilities? The central theme here is that you want to be comfortable and confident of their ability to provide reliable network availability and give you fast, honest responses to your support issues when you need them, not whenever they can provide them.
2. Service Level Agreements
In your contract, look for tight coverage and detailed response times for the most common types of IT issues that impact your business. For example, if your voice IP phone system goes offline, look for a clause that states exactly who has responsibility for monitoring and how quickly you can expect a response. If a network switch goes down, how quickly will service be restored? What financial incentives or penalties apply for laggard service response times? Negotiate for availability guarantees and penalties in your SLA. You don’t want to be locked in with a provider that has a history of outages.
Verify they offer a written service level commitment clause that describes how they handle issues by severity or impact level. Critical issues or emergencies require a committed service response. Other important clauses of the SLA include change management, processes and controls, access policies, and infrastructure resource management.
3. Strong Service Availability
As you expand your company, you will see IT expenses for on-premise equipment and software licenses go up. To cut out these costs as you scale up, consider a managed services provider (MSP) or cloud services provider (CSP).
For example, your business operates in two regions. The first region uses their favorite POS system and the second region uses a different POS system with inventory control. Eliminate all the headaches associated with servers, middleware, backups, and compatibility between the two systems by adopting a single new SaaS POS system. You can now dynamically provision the application to your users through the cloud. You could add inventory features for 20 employees for twelve months or scale back on financial functionality for ten users for six months during off-peak times. When reviewing SaaS hosts, check how many 9’s of availability a given application or data warehouse supports. The best typically offer 99.95% or better uptime.
4. Shared Service Options
When a small business grows, or a mid-size business wants to expand, a key decision must be made when it comes to the data center. Are you going to keep paying those invoices, bills, and accounts payable to buy storage, software, servers, routers, switches, and other communications hardware? Don’t forget the cost of power, HVAC, and office space lease expenses.
You could go directly to a cloud provider or contract out to a managed services provider; however, some providers can accommodate a special arrangement where you continue to own and configure your equipment, but share the operating costs and floor space with other businesses. You might try this collocation arrangement temporarily.
For example, you need more space but want to continue managing your own equipment and protecting your client or proprietary data sources. Another reason companies choose to share services as tenants in a collocated data center is affordable offsite backup and disaster recovery.
You have flexible options. You might contract for a fixed set of services and try-and-buy others a la carte. For example, continue running and monitoring your collocated equipment for one more year but begin looking into turning over the management of your servers and networking resources to the MSP.
5. Competitive Pricing
Try to learn their fee structure in advance. Ask for a competitive bid from three similar firms. Be cautious if you discover they profit from marking up prices on software, hardware, or other equipment. You may not be aware of the value they deliver in that price margin or other hidden costs they must endure.
In general, because of collocated equipment, the vendor should not be passing on costs directly to you. These costs are shared by multiple tenants. You could check prices online for similar hardware or software and then determine for yourself if the pricing is reasonable.
Look for attractive offerings with a la carte pricing, special packages, subscriptions, and flexible options.
6. Maintenance, Patch Updates, Upgrades, and Rollback
You are paying Sally in Accounting to process financial accounts. Her time should not be spent updating virus definitions, applying service packs, or performing other routine maintenance. There may be exceptions on occasion. For example, she might install a device driver for a new printer, scanner, or portable flash drive. And we know all your staff members are smart enough to click on the Install button for a simple patch. But multiplied across all your employees, the time on these simple tasks eats away at their productivity.
Is it worth the savings if you decide that your own staff will manage the system updates and upgrades required for certain applications? Remember that the operating systems, mobile systems, server software, and firmware that you rely on are subject to daily patch updates for everything from enhanced features to vulnerabilities. It might make perfect sense to outsource this work. Consider the related downtime from missing a critical patch update.
You can have your vendor manage upgrades and configuration changes. Make sure that they inform you and your teams of upcoming upgrades so that everyone can plan ahead. It may be worth paying extra for the vendor to provide transparent real-time upgrades without subjecting users to any downtime. You also want a SaaS applications provider that will automatically roll back to the last known working version if a problem arises.
Look for a provider that can optimize network and service performance on demand without added charges for administrative provisioning of new or changed resources. Avoid providers that tell you that they must interrupt your services to add or subtract resources.
Make sure your contract has separate sections that clearly identify how often you can expect the following services:
- Malware and Anti-Virus Scans
- Spyware Detection and Removal
- Spam Filtering
- Disk Integrity, Partitioning, and Defragmentation
- Storage Utilization
- Regular maintenance for office PCs, servers, copiers, and other hardware should also be included.
7. Cloud Infrastructure Capabilities
Cloud options will save you operating costs because all services are collocated in a shared facility or networked series of facilities and resources. The cloud service provider takes care of all hardware including servers, compute, storage, and network components. You won’t have to hire more IT consultants since the MSP manages the daily administrative work, maintenance, and problem solving. You can now allocate your staffing budget to more profitable areas of your business.
Cloud services were designed to reduce both your capital and operating expenses. For the financial wizards out there, going with a capable MSP is a double victory, saving you CAPEX and OPEX.
Another benefit of cloud is that it flexibly scales up or down depending on which areas of the business you want to grow or shrink in size. While a cloud platform offers a full array of services, applications, and resources, you want a MSP that allows you to pay only for the ones your staff actually uses. Look for a MSP that offers a pay-as-you-go pricing model, sometimes called on-demand metered usage.
8. Demonstrated Security Best Practices
Basic contracts that do not provide access control, encryption, and security monitoring are not worth the cost savings. Your staff would have to take on those tasks. A configuration error or access problem could compromise the security of the entire system. Look for a provider that offers complete security management including encryption keys, virus and malware intrusion detection, enterprise scanning, email spam filters, quarantines, and suspicious activity monitoring.
Your management team might also be concerned with privacy laws surrounding Sarbanes-Oxley, HIPAA, or PCI DSS and new credit card requirements. Your service provider might not know that it is required to report failed critical security controls or to conduct semi-annual penetration tests.
Verify that your provider is prepared to disclose proof of a well-designed cryptographic architecture and to perform quarterly personnel reviews to validate adherence to security procedures.
Your MSP should be equipped, trained, and certified to maintain compliance and pass annual audits. They should be able to demonstrate encryption, hacking, and cyber security controls and counter-measures. Examine access to their data center and other building entrances from the parking lot, if possible, because you also want to be certain that they are also able to provide physical security to their facilities.
Today’s MSP/CSP is able to offer you more reliable options that often far outweigh the benefits of maintaining your own legacy in-house data center. With collocated facilities, you are reducing risks, saving costs, and gaining access to potential new value streams. For example, shutting down your costly traditional data center and shifting to a new cloud solution will open up new opportunities for data warehousing, analytics, and reporting.
Evaluate the decision points in this article and choose a provider that meets your data privacy, compliance, security, control, access, and availability requirements.